Data security Flashcards
What are the four main threats to data security?
Hardware failure/fault
Software failure
Human error
Deliberate/Malicious damage or access
What is data integrity?
The correctness of the data
What is data privacy?
not allowing unauthorised people to access the data
What is data security?
a term used for methods that try to ensure that integrity and/or privacy of data is maintained
Name 3 examples of hardware failure/fault
hard-disk failure, data corruption during data transfer and power failure while saving file
Name 2 examples of software failure
programming error which causes program to crash without data being saved, software not installed correctly
Name 3 examples of Deliberate/Malicious damage or access
a disgruntled ex-employee deletes important files, a virus infects PC and deletes information (or transmits to an unauthorised person), a hacker guesses a login and password and gains access to information
Name 3 ways you can protect data against hardware failure
UPS - uninterruptable power supplies - if power fails work of battery
Secondary backup power supply
Have backups (maybe off-site) of data
Use RAID system - data is written to more than one hard disk
Name 2 ways you can protect data against software failure
Difficult/impossible to entirely sop data loss through software failure
Buy tried and tested software that has been used for a while to ensure problems have been ironed out.
Backup/recovery systems.
Name 3 ways you can protect data against Human Error
Warnings if data is being deleted
Access rights on files so that only data that user can access can be corrupted
Backups
Name 3 ways you can protect data against Malicious Intent
Login/Password/Biometrics
data transmitted across networks should be encrypted
firewalls
Why is disaster planning important?
Many organisations rely on computer systems and could not continue/survive if system data lost or failed for anything but a short time (e.g. online retailers)
What are the elements of disaster planning?
Regular backups (off-site) is the most important thing
Files archived off-site
Alternative systems
Backup power supplies, etc.
Staff need to be trained in how to recover successfully
What is a disaster plan?
A disaster plan is a vital document in any organisation to give guidance as to what the organisation will do in the event of different disasters occurring.
What is a contingency plan?
a method of recovery for a risk that has been identified
What is accidental damage?
When data is unintentionally amended or deleted;
People likely to cause accidental damage to data by deleting or amending data by accident.
What is malicious damage?
When data is intentionally amended or deleted;
Hackers likely to cause malicious damage to data
Disgruntled store employees deleting or amending data on purpose.